public class PdfEncryption extends PdfObjectWrapper<PdfDictionary>
Constructor and Description |
---|
PdfEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionType, byte[] documentId, PdfVersion version)
Creates the encryption.
|
PdfEncryption(Certificate[] certs, int[] permissions, int encryptionType, PdfVersion version)
Creates the certificate encryption.
|
PdfEncryption(PdfDictionary pdfDict, byte[] password, byte[] documentId) |
PdfEncryption(PdfDictionary pdfDict, Key certificateKey, Certificate certificate, String certificateKeyProvider, IExternalDecryptionProcess externalDecryptionProcess) |
Modifier and Type | Method and Description |
---|---|
byte[] |
computeUserPassword(byte[] ownerPassword)
Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm.
|
static PdfObject |
createInfoId(byte[] id, boolean modified)
Creates a PdfLiteral that contains an array of two id entries.
|
static PdfObject |
createInfoId(byte[] firstId, byte[] secondId)
Creates a PdfLiteral that contains an array of two id entries.
|
byte[] |
decryptByteArray(byte[] b) |
byte[] |
encryptByteArray(byte[] b) |
void |
flush()
To manually flush a PdfObject behind this wrapper, you have to ensure that this object is added to the document, i.e.
|
static byte[] |
generateNewDocumentId() |
int |
getCryptoMode()
Gets encryption algorithm and access permissions.
|
byte[] |
getDocumentId() |
OutputStreamEncryption |
getEncryptionStream(OutputStream os) |
Long |
getPermissions()
Gets the encryption permissions.
|
boolean |
isEmbeddedFilesOnly() |
boolean |
isMetadataEncrypted() |
boolean |
isOpenedWithFullPermission() |
protected boolean |
isWrappedObjectMustBeIndirect()
Defines if the object behind this wrapper must be an indirect object in the resultant document.
|
void |
setHashKeyForNextObject(int objNumber, int objGeneration) |
ensureObjectIsAddedToDocument, ensureUnderlyingObjectHasIndirectReference, getPdfObject, isFlushed, makeIndirect, makeIndirect, markObjectAsIndirect, setForbidRelease, setModified, setPdfObject, unsetForbidRelease
public PdfEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionType, byte[] documentId, PdfVersion version)
userPassword
- the user password. Can be null or of zero length, which is equal to omitting the user password
ownerPassword
- the owner password. If it's null or empty, iText will generate a random string to be used as the owner password
permissions
- the user permissions The open permissions for the document can be EncryptionConstants.ALLOW_PRINTING
, EncryptionConstants.ALLOW_MODIFY_CONTENTS
, EncryptionConstants.ALLOW_COPY
, EncryptionConstants.ALLOW_MODIFY_ANNOTATIONS
, EncryptionConstants.ALLOW_FILL_IN
, EncryptionConstants.ALLOW_SCREENREADERS
, EncryptionConstants.ALLOW_ASSEMBLY
and EncryptionConstants.ALLOW_DEGRADED_PRINTING
. The permissions can be combined by ORing them
encryptionType
- the type of encryption. It can be one of EncryptionConstants.STANDARD_ENCRYPTION_40
, EncryptionConstants.STANDARD_ENCRYPTION_128
, EncryptionConstants.ENCRYPTION_AES_128
or EncryptionConstants.ENCRYPTION_AES_256
. Optionally EncryptionConstants.DO_NOT_ENCRYPT_METADATA
can be ORed to output the metadata in cleartext. EncryptionConstants.EMBEDDED_FILES_ONLY
can be ORed as well. Please be aware that the passed encryption types may override permissions: EncryptionConstants.STANDARD_ENCRYPTION_40
implicitly sets EncryptionConstants.DO_NOT_ENCRYPT_METADATA
and EncryptionConstants.EMBEDDED_FILES_ONLY
as false; EncryptionConstants.STANDARD_ENCRYPTION_128
implicitly sets EncryptionConstants.EMBEDDED_FILES_ONLY
as false;
documentId
- document id which will be used for encryption
version
- the PdfVersion
of the target document for encryption
public PdfEncryption(Certificate[] certs, int[] permissions, int encryptionType, PdfVersion version)
An array of one or more public certificates must be provided together with an array of the same size for the permissions for each certificate.
certs
- the public certificates to be used for the encryption
permissions
- the user permissions for each of the certificates The open permissions for the document can be EncryptionConstants.ALLOW_PRINTING
, EncryptionConstants.ALLOW_MODIFY_CONTENTS
, EncryptionConstants.ALLOW_COPY
, EncryptionConstants.ALLOW_MODIFY_ANNOTATIONS
, EncryptionConstants.ALLOW_FILL_IN
, EncryptionConstants.ALLOW_SCREENREADERS
, EncryptionConstants.ALLOW_ASSEMBLY
and EncryptionConstants.ALLOW_DEGRADED_PRINTING
. The permissions can be combined by ORing them
encryptionType
- the type of encryption. It can be one of EncryptionConstants.STANDARD_ENCRYPTION_40
, EncryptionConstants.STANDARD_ENCRYPTION_128
, EncryptionConstants.ENCRYPTION_AES_128
or EncryptionConstants.ENCRYPTION_AES_256
. Optionally EncryptionConstants.DO_NOT_ENCRYPT_METADATA
can be ORed to output the metadata in cleartext. EncryptionConstants.EMBEDDED_FILES_ONLY
can be ORed as well. Please be aware that the passed encryption types may override permissions: EncryptionConstants.STANDARD_ENCRYPTION_40
implicitly sets EncryptionConstants.DO_NOT_ENCRYPT_METADATA
and EncryptionConstants.EMBEDDED_FILES_ONLY
as false; EncryptionConstants.STANDARD_ENCRYPTION_128
implicitly sets EncryptionConstants.EMBEDDED_FILES_ONLY
as false;
version
- the PdfVersion
of the target document for encryption
public PdfEncryption(PdfDictionary pdfDict, byte[] password, byte[] documentId)
public PdfEncryption(PdfDictionary pdfDict, Key certificateKey, Certificate certificate, String certificateKeyProvider, IExternalDecryptionProcess externalDecryptionProcess)
public static byte[] generateNewDocumentId()
public static PdfObject createInfoId(byte[] id, boolean modified)
id
- the first id
modified
- whether the document has been changed or not
public static PdfObject createInfoId(byte[] firstId, byte[] secondId)
firstId
- the first id
secondId
- the second id
public Long getPermissions()
WriterProperties.setStandardEncryption(byte[], byte[], int, int)
. See ISO 32000-1, Table 22 for more details.
public int getCryptoMode()
EncryptionConstants
public boolean isMetadataEncrypted()
public boolean isEmbeddedFilesOnly()
public byte[] getDocumentId()
public void setHashKeyForNextObject(int objNumber, int objGeneration)
public OutputStreamEncryption getEncryptionStream(OutputStream os)
public byte[] encryptByteArray(byte[] b)
public byte[] decryptByteArray(byte[] b)
public boolean isOpenedWithFullPermission()
public byte[] computeUserPassword(byte[] ownerPassword)
ownerPassword
- owner password of the encrypted document.
public void flush()
PdfObject
behind this wrapper, you have to ensure that this object is added to the document, i.e. it has an indirect reference. Basically this means that before flushing you need to explicitly call PdfObjectWrapper.makeIndirect(PdfDocument)
. For example: wrapperInstance.makeIndirect(document).flush(); Note that not every wrapper require this, only those that have such warning in documentation.
flush
in class PdfObjectWrapper<PdfDictionary>
protected boolean isWrappedObjectMustBeIndirect()
PdfObjectWrapper
isWrappedObjectMustBeIndirect
in class PdfObjectWrapper<PdfDictionary>
Copyright © 1998–2022 iText Group NV. All rights reserved.